South Korean police have arrested a CEO and five employees for adding an illegal feature to satellite receivers. These devices, sold on a large scale, could be used to carry out massive computer attacks, without the knowledge of their users.
Denial of service attacks – or collective service saturation attacks – (DDoS) have been exploding for several years, targeting both private companies that public institutions. These cyberattacks consist of saturate a site or an online service with a huge flow of requestsmaking it inaccessible. In September 2024, several French government sites, including those of the Ministries of Justice and the Civil Service, were taken offline by a massive attack. These examples illustrate the increasing severity of this menacewhich is now exploited by ever more diverse and malicious actors.
In South Koreaan unprecedented scandal broke out around the manufacture and sale of modified satellite receivers. Between 2019 and 2024, a local business sold more than 240,000 of these devices across the world. Among them, 98 000 had DDoS functionality built in from manufacture, while the others received this capability via firmware updates. Users, very often unconscious of this manipulation, found themselves not only involved in cyberattacksbut also saw the performance of their device reduced during these episodes.
Satellite receivers used to launch DDoS attacks
This illegal operation was revealed thanks to an international investigation led by Interpol. In July 2024, information was transmitted to South Korean authorities indicating that a foreign illegal distribution used these devices to carry out attacks. Analysis of the equipment confirmed that the fonction DDoS could be activated via des remote updates. According to investigators, this modification was requested in 2018 to counter competitive attacks. These revelations show how consumer technologies can be misused to fuel economic conflicts or targeted cyberattacks.
The CEO of the Korean company behind this fraud, as well as five of its employees, were arrested for violating cybersecurity laws. Authorities also seized 61 billion won (approximately 4.35 million euros), corresponding to the profits derived from these sales. However, managers of the foreign company who operated these receivers remain not found. South Korean police are calling for international cooperation to identify them and bring them to justice. In the meantime, this case highlights the importance of better securing connected devices, even those used for home or professional functions.
Source: South Korean Police
